CVE-2022-48671
cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() syzbot is hitting percpu_rwsem_assert_held(&cpu_hotplug_lock) warning at
cpuset_attach() [1], for commit 4f7e7236435ca0ab ("cgroup: Fix
threadgroup_rwsem <-> cpus_read_lock() deadlock") missed that
cpuset_attach() is also called from cgroup_attach_task_all().
Add cpus_read_lock() like what cgroup_procs_write_start() does.
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: cgroup: agregue cpus_read_lock() faltante a cgroup_attach_task_all() syzbot está presionando la advertencia percpu_rwsem_assert_held(&cpu_hotplug_lock) en cpuset_attach() [1], para el commit 4f7e7236435ca0ab ("cgroup: Fix threadgroup_rwsem <- > cpus_read_lock() deadlock") se perdió que cpuset_attach() también se llama desde cgroup_attach_task_all(). Agregue cpus_read_lock() como lo hace cgroup_procs_write_start().
In the Linux kernel, the following vulnerability has been resolved: cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() syzbot is hitting percpu_rwsem_assert_held(&cpu_hotplug_lock) warning at cpuset_attach() [1], for commit 4f7e7236435ca0ab ("cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock") missed that cpuset_attach() is also called from cgroup_attach_task_all(). Add cpus_read_lock() like what cgroup_procs_write_start() does.
The SUSE Linux Enterprise 15 SP5 Real Time kernel was updated to receive various security bug fixes.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-02-25 CVE Reserved
- 2024-05-03 CVE Published
- 2025-05-04 CVE Updated
- 2025-06-11 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-667: Improper Locking
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/59c6902a96b4439e07c25ef86a4593bea5481c3b | Vuln. Introduced | |
| https://git.kernel.org/stable/c/dee1e2b18cf5426eed985512ccc6636ec69dbdd6 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/3bf4bf54069f9b62a54988e5d085023c17a66c90 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/c0deb027c99c099aa6b831e326bfba802b25e774 | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.4.213 < 5.4.215 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4.213 < 5.4.215" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.10.143 < 5.10.145 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10.143 < 5.10.145" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.15.68 < 5.15.70 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15.68 < 5.15.70" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.19.9 < 5.19.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.19.9 < 5.19.11" | en |
Affected
| ||||||